惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

博客园_首页
阮一峰的网络日志
阮一峰的网络日志
S
Secure Thoughts
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
C
Cyber Attacks, Cyber Crime and Cyber Security
T
Threat Research - Cisco Blogs
P
Privacy & Cybersecurity Law Blog
The Hacker News
The Hacker News
H
Heimdal Security Blog
W
WeLiveSecurity
L
LINUX DO - 热门话题
Hacker News: Ask HN
Hacker News: Ask HN
WordPress大学
WordPress大学
The Last Watchdog
The Last Watchdog
Hugging Face - Blog
Hugging Face - Blog
博客园 - 【当耐特】
D
DataBreaches.Net
I
Intezer
Webroot Blog
Webroot Blog
C
Cisco Blogs
AWS News Blog
AWS News Blog
博客园 - 聂微东
T
The Blog of Author Tim Ferriss
V
Vulnerabilities – Threatpost
罗磊的独立博客
Google DeepMind News
Google DeepMind News
N
Netflix TechBlog - Medium
Schneier on Security
Schneier on Security
宝玉的分享
宝玉的分享
博客园 - 叶小钗
PCI Perspectives
PCI Perspectives
D
Docker
Scott Helme
Scott Helme
NISL@THU
NISL@THU
J
Java Code Geeks
B
Blog RSS Feed
Google Online Security Blog
Google Online Security Blog
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
T
The Exploit Database - CXSecurity.com
AI
AI
美团技术团队
Cloudbric
Cloudbric
月光博客
月光博客
P
Proofpoint News Feed
T
Tailwind CSS Blog
Google DeepMind News
Google DeepMind News
小众软件
小众软件
www.infosecurity-magazine.com
www.infosecurity-magazine.com
The Cloudflare Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org

Datadog | The Monitor blog

Introducing our open source AI-native SAST Instrument and monitor Boomi integration flows with OpenTelemetry and Datadog Not all index scans are equal: How we cut query latency by over 99% Platform engineering metrics: What to measure and what to ignore Integrate Recorded Future threat intelligence with Datadog Cloud SIEM CI/CD security: threat modeling using a MITRE-style threat matrix CI/CD security: How to secure your GitHub ecosystem Ingress NGINX is EOL: A practical guide for migrating to Kubernetes Gateway API Operating agentic AI with Amazon Bedrock AgentCore and Datadog LLM Observability: Lessons from NTT DATA Introducing the Datadog Code Security MCP Capture and analyze custom heatmaps in Session Replay Understand session replays faster with AI summaries and smart chapters Monitor ClickHouse query performance with Datadog Database Monitoring How we designed empathetic alert sounds for on-call engineers Search and act across Datadog to resolve issues faster with Bits Assistant Measure the business impact of every product change with Datadog Experiments Analyzing round trip query latency Configuring JavaScript caches for better performance Introducing Bits AI Dev Agent for Code Security Datadog achieves ISO 42001 certification for responsible AI Monitor Nutanix clusters, hosts, and VMs with Datadog Monitor Juniper Mist in Datadog A new Host Map for modern infrastructure Annotate traces to improve LLM quality with Datadog LLM Observability What’s new in Cloud SIEM: AI-powered investigations, enhanced threat intelligence, and scalable security operations Explore Kubernetes with native OpenTelemetry data Monitor Oracle Fusion Cloud Applications with Datadog Announcing the Datadog Terraform provider v4.0.0 Scaling Kubernetes workloads on custom metrics How to design cloud environments for AI-powered threat analysis Monitor Aruba Central in Datadog How we centralize and remediate risks with Datadog Case Management Accelerate incident response with Datadog and ServiceNow Monitor your application and network load balancer logs Understanding Karpenter architecture for Kubernetes autoscaling Tools for collecting metrics and logs from Karpenter Monitor Karpenter with Datadog What your product data is actually saying Key metrics for monitoring Karpenter Securing Datadog’s platform in the AI age: The role of observability data Four ways engineering teams use the Datadog MCP Server to power AI agents Approaching your observability migration with the right mindset Meet the new Bits AI SRE: Deeper reasoning, twice as fast Key learnings from the 2026 State of DevSecOps study Use plain English to query your multi-cloud infrastructure in Resource Catalog Simplifying troubleshooting across the user journey with Datadog Synthetic Monitoring Protect your OCI resources with Datadog Cloud Security This Month in Datadog - February 2026 Amazon EC2 security: How misconfigured and public AMIs expand your cloud attack surface Enable end-to-end visibility into your Java apps with a single command Measure and improve mobile app startup performance with Datadog RUM Evaluating our AI Guard application to improve quality and control cost Identify untested code across every level of your codebase Make use of guardrail metrics and stop babysitting your releases Monitor Versa Networks SD-WAN performance in Datadog Improve performance and reliability with APM Recommendations Remediate transitive vulnerabilities faster with Datadog Software Composition Analysis Generate audit-ready vulnerability and compliance reports with Datadog Sheets Monitor Fortinet FortiManager performance in Datadog Improve test coverage across codebases with Datadog Code Coverage Move fast, don’t break things: Consistent testing standards at scale Enrich logs with ServiceNow CMDB context before routing to any SIEM or logging tool Monitor Lustre with Datadog Make faster, better product decisions with Datadog Product Analytics Surface and remediate runtime posture issues with Workload Protection Findings Protect agentic AI applications with Datadog AI Guard How to optimize JavaScript code with CSS Trace Google Pub/Sub workloads in Cloud Run with Datadog Detect human names in logs with ML in Sensitive Data Scanner How we cut our NLQ agent debugging time from hours to minutes with LLM Observability Debug PostgreSQL query latency faster with EXPLAIN ANALYZE in Datadog Database Monitoring Datadog acquires Propolis Unify and correlate frontend and backend data with retention filters Scale compliance across global frameworks with Datadog Cloud Security Monitor Arista VeloCloud SD-WAN performance with Datadog Building reliable dashboard agents with Datadog LLM Observability Simplify log collection and aggregation for MSSPs with Datadog Observability Pipelines Mitigation for Node.js denial-of-service vulnerability affecting Datadog APM Automate flaky test fixes with the Bits AI Dev Agent and Test Optimization How we built an AI SRE agent that investigates like a team of engineers Datadog integrations 2025 recap: Observability for AI, security, and hybrid cloud Design effective executive dashboards with Datadog Implement dbt data quality checks with dbt-expectations Bring faster visibility into AWS Lambda functions with remote instrumentation Troubleshoot faster with the GitLab Source Code integration in Datadog How Cambia Health Solutions saved $30,000 monthly with Cloud Cost Management and the Datadog Resource Catalog Normalize any logs for Cloud SIEM with Datadog's OCSF processor Optimizing Datadog at scale: Cost-efficient observability at Zendesk Detect, diagnose, and resolve network issues easily with CNM Network Health Connect engineering errors to user impact in early-stage products Cilium configuration for Kubernetes operations at scale Designing feedback loops for progressive delivery Ship features faster and safer with Datadog Feature Flags Choosing the right OpenTelemetry Collector distribution Route your monitor alerts with Datadog monitor notification rules Automate Cloud SIEM investigations with Bits AI Security Analyst Cloud threat detection: How to identify risky activity across control and data planes Collecting Kafka performance metrics Monitoring Kafka with Datadog Monitoring Kafka performance metrics
DASH 2025 Secure & Govern: Guide to Datadog's newest announcements
2025-06-10 · via Datadog | The Monitor blog

At DASH, we shared how Datadog is helping teams strengthen security, meet compliance requirements, and scale governance across their infrastructure. This roundup looks at new features that make it easier to visualize risk and automate remediation.

We’ve launched tag-based Data Access Controls and secret scanning to protect sensitive data as well as new governance tools, such as the Governance Console and Fleet Automation. Teams can now surface hidden risks with Security Graph, detect issues earlier with Code Security and IaC Security, and enforce compliance with flexible resource policy templates. We’ve also enhanced our Cloud SIEM capabilities with anomaly detection for log content, sequence detection for multi-stage attacks, and scheduled rules for slow-moving threats.

Learn how these updates help your teams secure their cloud environments with confidence. Then, check out our keynote roundup for other major announcements, including:

Protect data with comprehensive access controls

Find exposed secrets in source code with Secret Scanning

Datadog Secret Scanning enables developers and security engineers to detect and validate embedded secrets in source code, protecting their organizations against one of the most common root causes of security breaches. By automatically scanning code changes on every push, Secret Scanning alerts developers to hard-coded secrets and allows security teams to enforce policies to prevent vulnerable code from being merged and deployed. Powered by the same detection engine as Sensitive Data Scanner, Secret Scanning includes dozens of out-of-the-box rules for the most commonly used third-party APIs and cloud providers. Secret Scanning is now in Preview; to request access, fill out the Preview form.

See where your source code may include leaked secrets using Secret Scanning in Datadog Code Security

Detect human names in logs by using machine learning

Sensitive Data Scanner now detects human names in logs using machine learning. Currently in Preview, this capability helps identify sensitive data that is often missed by traditional pattern-based scanning, such as customer names in support tickets, error traces, or internal chat logs. The ML model is hosted within Datadog, with no training or tuning required. You can choose to redact, hash, mask, or flag matched names to reduce exposure and support compliance with privacy standards like GDPR and HIPAA. Request access to the Preview here.

SDS rule that detects human names in logs.

Protect sensitive data in Datadog using tag-based Data Access Controls to meet security and compliance requirements

Enterprise customers need a way to make sensitive data within Datadog—PII, financial information, vulnerabilities, etc.—private in order to meet their security, regulatory, and internal compliance requirements. Datadog Data Access Controls provides customers the ability to collect sensitive data to enrich their monitoring and security work with real business context while using tags to restrict which data their users can query in order to protect it. Data Access Control is currently in Limited Availability. To get early access to this feature, fill out this interest form, or reach out to your Customer Success Manager for more information.

Use tags to restrict what data users can query in DatadogI

Control who can view sensitive data in logs with role-based unmasking

Sensitive Data Scanner now supports role-based unmasking in logs, giving teams granular control over who can view masked sensitive data in logs. Security teams can investigate fields like IP addresses and access tokens, while DevOps engineers and developers see the same logs with sensitive information masked. Authorized users can unmask values on demand within Datadog, with all access logged via Audit Trail for accountability. Request access to the Preview here.

Datadog Log Explorer showing masked sensitive email data in a payment service log with role-based unmasking enabled.

Users can scan RDS resources for sensitive data

Datadog Sensitive Data Scanner helps teams quickly identify and prevent sensitive data leaks, remaining compliant with their industry’s regulations. Sensitive Data Scanner is now also able to scan Amazon RDS instances for sensitive data. Findings are surfaced in a prioritized manner and offer an easy path to investigate and action upon directly in the AWS console. See our documentation to get started.

Secure monitoring for regulated environments with the FIPS Agent

FIPS compliance is a critical part of meeting the security requirements of the Federal Risk and Authorization Management Program (FedRAMP), a government-wide program that standardizes security assessment for US federal agencies. Now you can achieve real-time observability across your infrastructure, applications, and services with secure, Federal Information Processing Standard (FIPS)-compliant monitoring using the Datadog FIPS Agent. This enhanced version of the Datadog Agent is natively built with cryptographic modules that meet FIPS 140-2 requirements to automatically encrypt data, helping you stay aligned with FedRAMP and other federal security standards.

To get started, install and configure the FIPS Agent according to the documentation, or see our blog post for more tips on monitoring highly regulated environments.

Datadog FIPS Agent install screen showing Powershell command to enable FIPS-compliant telemetry on Windows.

Stream logs in Open Cybersecurity Format (OCSF) to your preferred vendors or data lakes with Observability Pipelines

CISOs and security teams today struggle with growing volumes and complexity of security logs in a wide array of formats, making data normalization cumbersome for smaller teams with limited resources. The Open Cybersecurity Schema Framework (OCSF) offers an open source, vendor-neutral schema to standardize security event data, improving interoperability and threat correlation across tools. Datadog Observability Pipelines now includes native support for OCSF transformation, which further enhances its capabilities for aggregating, processing, and routing logs efficiently. OCSF support in Observability Pipelines empowers teams to build intuitive security workflows, easily enrich and remap logs, and direct standardized event data to their preferred security platforms. To learn more, check out our blog post.

Logs from a routed Fluentd pipeline, remapped via OCSF.

Detect and investigate security threats

Identify issues quickly with new Misconfigurations and Identity Risks explorers

Cloud Security’s revamped Misconfigurations and Identity Risks explorers allow you to more quickly drill down into security findings and begin remediating. With performance improvements, a consistent interaction pattern across all explorers, and direct access to the findings from the explorer, these updated explorers help reduce the overhead of commonly taken actions in their daily workflows. The ability to group by team helps you identify where issues are concentrated, and you can now chain group-bys to answer questions like, “Which teams have publicly accessible S3 buckets?”

The new Misconfigurations and Identity Risks explorers are now available in Preview; contact your Customer Success representative to get started, or learn more about Cloud Security in our documentation.

Updated Misconfigurations explorer in Datadog Cloud Security

Detect Amazon Bedrock misconfigurations with Datadog Cloud Security

Datadog Cloud Security now offers out-of-the-box misconfiguration detections for Amazon Bedrock, helping organizations secure their generative AI workloads without slowing innovation. These detections identify critical risks—such as unauthorized model access or insecure data paths—and prioritize them based on infrastructure context for faster, more accurate response. Integrated remediation suggestions, contextual insights, and compliance tracking make it easy to detect and fix issues while supporting evolving regulatory standards. With integrations with more than 100 AWS services and automated security posture monitoring, Datadog provides a streamlined, proactive approach to securing cloud-native AI environments. Read our blog post for more information.

Datadog Cloud Security detection of a Bedrock custom model using a publicly accessible S3 bucket.

Investigate cloud security relationships with Security Graph

Understanding how cloud resources, identities, and permissions interconnect is critical for detecting hidden risks and responding to incidents effectively. But in complex environments, tracking these relationships manually or across fragmented tools is time-consuming and error-prone. Security Graph, now available in Preview, enables security, platform, and operations teams to visually explore their cloud environments, trace trust paths, and uncover misconfigurations or privilege escalation risks in real time. By unifying identity, configuration, and security context into a graph model, Security Graph helps you detect and remediate potential threats faster. Learn more in our blog post and request access to the Preview here.

See risk relationships across your cloud resources in Datadog Security Graph.

Evaluate security status at a glance with the new Cloud Security Summary page

Cloud Security’s revamped Summary page consolidates key security metrics across your infrastructure. Here, you can find clear next steps to increase your scanning coverage, review claimed reasons for muting of security findings, and identify worst offenders and top performers across teams, services, cloud accounts, and environments. Along with consolidated existing sections of the overview page, these insights allow CISOs and security managers to evaluate their cloud security program without having to dig through the details. To get started with Cloud Security, check out our documentation.

The new Cloud Security Summary page is now available in Preview; contact your Customer Success representative to get started.

Quickly discover key security metrics and coverage with Datadog’s Cloud Security Summary page

Detect misconfigurations in your infrastructure-as-code files with IaC Security

Datadog IaC Security provides end-to-end coverage of IaC configurations across your cloud environment, helping you detect and remediate security issues before they reach production. It integrates seamlessly into developer workflows to offer a unified view of findings across code and cloud, including one-click remediations for over 180 different findings. With IaC Security alongside Cloud Security, Code Security, and other Datadog products, you can manage all of your detection rules in a single platform.

Learn more about Datadog’s approach to IaC security in our blog post, and request access to the Preview here.

IaC vulnerability finding with code-level fix identified in Datadog IaC Security

Efficiently prioritize and resolve critical vulnerabilities with Datadog Code Security

Datadog Code Security integrates security directly into your development workflow, from IDEs and pull requests to CI/CD pipelines and production environments. By combining the benefits of early detection with runtime context, Code Security identifies and prioritizes the most pressing risks in both first-party, custom code, and third-party libraries. These capabilities enable your teams to significantly reduce alert fatigue, collaborate efficiently, and remediate critical vulnerabilities faster.

To learn more, read our blog post.

Dashboard view of Datadog Code Security showing open library vulnerabilities grouped by service and filtered by risk.

View tailored metrics and actions for key security roles with the new Cloud SIEM Overview page

The updated Cloud SIEM Overview page is designed to surface more insightful security metrics and useful actions for security analysts, security engineers, detection engineers, and security managers. With this new page, teams can better understand what they need to pay attention to and have quick access to powerful tools directly from the front page of Cloud SIEM. Drive more action and be better informed about threats in your environment by signing up today.

Contact your account team to get access to this Preview, and visit our documentation to learn more about Datadog Cloud SIEM.

Datadog Cloud SIEM Overview page showing a summary of security coverage and important signals.

Customize default rules without cloning in Cloud SIEM

Security teams can now edit default and partner rules directly in Datadog Cloud SIEM, with no cloning required. You can override key fields like severity, playbook, and rule name, and even extend the query logic—all while continuing to receive updates from Datadog Security Research. This gives teams the flexibility to tailor detections to their environment without losing sync with default improvements.

Learn more in the documentation.

Datadog detection rule editor showing two CloudTrail log queries for detecting primary email updates, with conditions for malicious IPs.

Quickly inspect detection rules with the new Rule Side Panel

Security teams can now view detailed rule information in one click with the new Rule Side Panel in Datadog Cloud SIEM without needing to open the full rule editor. This intuitive panel provides a quick snapshot of everything you need to know about a rule—including conditions, suppressions, signal history, version changes, job runs, and more—all in one place.

To learn more, explore our documentation.

Datadog Cloud SIEM rule details panel showing logic and playbook for detecting primary email updates via suspicious CloudTrail API activity.

Detect subtle threats with Content Anomaly Detection in Cloud SIEM

With Content Anomaly Detection, Datadog Cloud SIEM now provides deeper visibility into the content of your logs—not just their structure or volume. Whether you’re monitoring for unauthorized access, unexpected behavior, or subtle changes in configuration, this method helps you detect risks that other approaches might overlook. Add it to your detection rules to boost visibility into real risks. To learn more, explore our documentation.

Datadog detection rule setup screen highlighting the content anomaly real-time rule to detect deviations from historical baselines.
Datadog detection rule setup screen highlighting the content anomaly real-time rule to detect deviations from historical baselines.

Cloud SIEM Risk Insights enhances security operations by integrating entity types across major cloud providers. This integration allows security teams to uncover critical investigative data by linking Cloud SIEM signals with insights from Cloud Security, such as misconfigurations and identity risks. User and machine identities are accompanied by a risk score, enabling security teams to address the most pressing suspicious entities first. Explore the documentation to learn more.

Investigate risky entities with Cloud SIEM Risk Insights

Detect advanced threats with Scheduled Rules in Cloud SIEM

Security teams can now use Scheduled Rules in Datadog Cloud SIEM to run detections on a defined schedule. This is ideal for identifying threats that require broader time frames or advanced query capabilities with calculated fields. Scheduled Rules add a powerful new threat detection model to Cloud SIEM’s existing real-time detection engine and help detect patterns like DNS tunneling or slow-moving brute force attempts that might not trigger real-time signals. Use Scheduled Rules to bring deeper analysis to your logs—sign up here for the Preview.

Datadog detection rule creation screen with Scheduled Rule selected and New Value chosen to detect attribute changes in indexed logs.

Map multi-stage attacks with Sequence Detection in Datadog Cloud SIEM

Security teams can now use Sequence Detection in Datadog Cloud SIEM to identify linked behaviors across multiple stages of an attack, such as initial access, privilege escalation, and data exfiltration. This method lets you define ordered sequences of events and control the combinations of conditions, users, and time frames that trigger a signal, helping surface coordinated activity that individual rules might miss. Sign up for the Preview and learn more in the documentation.

Normalize your data to the OCSF Common Security Data Model with Datadog Cloud SIEM

With the Common Security Data Model based on OCSF, Datadog Cloud SIEM automatically normalizes logs from sources like AWS CloudTrail, Okta, and GitHub into a unified schema, eliminating custom parsing and enabling consistent, scalable detection rules across your environment. This standardization accelerates investigations, supports cross-platform threat detection, and strengthens your security posture with schema-aligned data ready for analysis. Explore the documentation or try it to see how OCSF normalization helps you detect and respond faster.

Datadog log pipeline configuration for AWS CloudTrail with Amazon Security Lake and OCSF parsing and enrichment steps.

Enforce operational and compliance standards

Proactively govern infrastructure compliance with Resource Policies

Datadog Resource Policies, now in Preview, allows you to proactively govern your infrastructure with the ability to create custom policies with flexible logic on AWS, Microsoft Azure, or Google Cloud resources, such as “Amazon Lambda Functions should not run deprecated runtimes” or “Amazon ACM Certificates should be valid and in auto-renewal state,” without needing to write custom scripts. This helps you gain centralized visibility into whether resources across their organization are optimally configured and compliant with best practices, even as you adopt multi-cloud architectures and provision more resources.

Once you’ve created your policies, you can assess infrastructure compliance performance by team or any custom tag, so you can identify application teams with non-compliant resources and the lowest-performing teams you should reach out to. You can also create filtered views to share directly with application teams, so each team sees only the policies relevant to them

Request access to the Resource Policies Preview here, or learn more in our blog post here.

A set of all your policies that ensure optimal infrastructure configuration

Jumpstart infrastructure compliance with out-of-the-box Policy Templates

Resource Policies in Datadog enables teams to define internal standards for cloud reliability, operational excellence, security, and cost efficiency, so they can promote adherence to best practices across their infrastructure. Now, Resource Policies provides new out-of-the-box Policy Templates that cover reliability, cost optimization, operational excellence, and versioning, giving you actionable suggestions for optimizing resource configuration. You can also customize these pre-defined templates so they better fit your organization’s unique needs.

To see what out-of-the-box policies you can use to understand your infrastructure compliance gaps, request access to the Resource Policies Preview here.

Out-of-the-box policy templates that you can choose from to get started quickly with assessing your infrastructure

Remediate resource policy misconfigurations with Native Actions

When you use Policy Templates to set up Resource Policies that enforce your infrastructure best practices, the teams responsible for remediating can now run a Native Action for select use cases to make updates to the cloud console without leaving Datadog. Policy creators can also set detailed remediation instructions on a policy to guide remediating developers, reducing back-and-forth and shortening time to remediation. To enforce best practices and close the loop on misconfigurations more quickly, request access to the Preview here, or learn more in our blog post here.

Spot security misconfigurations with the Cloudcraft Security Overlay

The Cloudcraft Security Overlay shows you infrastructure misconfigurations in context to help you assess your security posture at a glance. This feature detects misconfigurations by evaluating resources against out-of-the-box rules from compliance frameworks like NIST, SOC 2, HIPAA, and more. These findings are overlaid on the Cloudcraft diagram to help you understand how the misconfigured resource impacts your broader environment. For example, the Security Overlay helps you analyze how an attacker might reach sensitive data or discover the downstream impact of a security issue. Once you’ve spotted a misconfiguration that you want to remediate, you can continue your investigation by clicking into a resource. This opens a side panel summarizing what happened and how to fix it—based on industry compliance standards—enabling you to immediately take action.

To learn more, read our dedicated blog post, or check out our documentation.

Manage your organization’s Datadog environment

Rotate Datadog API keys without restarting the Agent

Customers can now rotate Datadog API Keys without restarting the Agent, enabling seamless key rotation without causing downtime or service disruptions. This feature simplifies coordination between teams managing API keys and Agents, eliminating the need for complex, time-consuming synchronization. It enhances security by allowing more efficient key rotations, which reduces the risk of unauthorized access to sensitive data. Ultimately, it boosts operational efficiency while safeguarding critical assets. To get set up, please see our documentation.

Query metrics and logs across Datadog organizations in one place with cross-organization visibility

Some companies create and maintain multiple Datadog organizations within the same account to isolate data for a range of compliance, legal, and security reasons. But isolating critical observability data limits opportunities for collaboration, making it harder to achieve your observability goals. Now, cross-organization visibility enables customers to query metrics and logs data between Datadog organizations within the same account and get insights from multiple organizations in one place. Cross-organization visibility is generally available. See our documentation for more information.

Query data across Datadog orgs within the same account

Monitor Datadog product usage across your org with Governance Console

Enforcing consistent governance practices across your Datadog resources often starts with good intentions. But many teams inherit tagging chaos, unclear accountability, and infrastructure that has scaled faster than their ability to manage it. Datadog Governance Console provides a real-time health check of usage across your Datadog account, spotlighting adoption gaps and spend hotspots, and surfacing best-practice recommendations to maximize value. With one-click guardrails, admins can quickly enforce the right policies and keep every team efficient, compliant, and in control as usage scales. Governance Console is in Preview. Reach out to your Technical Account Manager or Customer Success Manager for more information. Sign up for the Preview to get started.

Governance Console shows product usage data across your Datadog account

View Audit Trail events for the Datadog Agent in Fleet Automation

Fleet Automation now integrates Audit Trail events for the Datadog Agent, enabling teams to centrally view critical Agent events such as configuration changes, upgrades, API key updates, installations, and support flares. This unified visibility reduces troubleshooting time by facilitating quick comparisons of historical configurations and monitoring for critical changes. With improved governance capabilities, teams can identify precisely when and from where modifications occur, ensuring consistent observability, reliable deployments, and predictable Datadog costs across their entire infrastructure. Visit our documentation to get started with Fleet Automation.

View Audit Trail events from your Datadog Agent instances in Fleet Automation

Fleet Automation now provides simplified, centralized Agent upgrades across your infrastructure

Fleet Automation’s new Agent upgrades feature simplifies the process of performing Agent software upgrades across your infrastructure. By centralizing Agent upgrades, it ensures you can deploy the latest Agent version with new features and security patches throughout your environments. The centralized visibility into upgrade status enables teams to deploy and verify success at scale, streamlining the process. Additionally, there’s no need to coordinate with other teams to gain access to hosts, which further improves operational efficiency. This feature eliminates the need for cross-team coordination and unifies the deployment process across all operating systems within a single tool. To learn more, see the documentation.

Fleet Automation shows the Datadog Agent deployed to 11 of 12 hosts.

Visually manage your observability posture with the Cloudcraft Observability Overlay and Fleet Automation

When it comes to observability, sometimes you don’t know what you don’t know. If you manage a fleet of dozens or hundreds of hosts, you want to make sure you have no critical blind spots, and ensure that you have the right monitoring tools—APM, Logs, Cloud Network Monitoring, Cloud Security, and so on—on each agent. The new Cloudcraft Observability Overlay shows exactly which agents have which Datadog products, overlaid on your live infrastructure diagram. This makes it easy to find infrastructure related to a specific app or service and ensure that you have the observability you need, where you need it. Blind spots are clearly visible—for example, hosts with no agent, or where a specific feature like APM is disabled on a host.

Beyond viewing this information, you can also upgrade agents or turn Datadog monitoring on and off directly from the diagram. Sign up for the new Upgrade Agent Preview and Manage Agent Configuration Preview to try these new features.

An infrastructure diagram that shows which cloud resources are not covered by certain Datadog products.